Known Vulnerabilities for products from Qnap
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Qnap".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Qnap can be found at device.report : Qnap
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-38693 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 5.3 - MEDIUM | 2022-05-05 | 2022-05-13 |
| CVE-2021-38692 | A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If explo... | 9.8 - CRITICAL | 2022-01-14 | 2022-01-22 |
| CVE-2021-38691 | A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If explo... | 9.8 - CRITICAL | 2022-01-14 | 2022-01-25 |
| CVE-2021-38690 | A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If explo... | 9.8 - CRITICAL | 2022-01-14 | 2022-01-25 |
| CVE-2021-38689 | A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If explo... | 9.8 - CRITICAL | 2022-01-14 | 2022-01-25 |
| CVE-2021-38688 | An improper authentication vulnerability has been reported to affect Android App Qfile. If exploited, this vulnerability allo... | 7.5 - HIGH | 2021-12-29 | 2022-01-10 |
| CVE-2021-38687 | A stack buffer overflow vulnerability has been reported to affect QNAP NAS running Surveillance Station. If exploited, this v... | 9.8 - CRITICAL | 2021-12-29 | 2022-01-10 |
| CVE-2021-38686 | An improper authentication vulnerability has been reported to affect QNAP device, VioStor. If exploited, this vulnerability a... | 8.8 - HIGH | 2021-11-26 | 2021-12-03 |
| CVE-2021-38685 | A command injection vulnerability has been reported to affect QNAP device, VioStor. If exploited, this vulnerability allows r... | 9.8 - CRITICAL | 2021-11-26 | 2021-12-02 |
| CVE-2021-38684 | A stack buffer overflow vulnerability has been reported to affect QNAP NAS running Multimedia Console. If exploited, this vul... | 9.8 - CRITICAL | 2021-11-13 | 2022-02-10 |
| CVE-2021-38682 | A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If explo... | 9.8 - CRITICAL | 2022-01-14 | 2022-01-25 |
| CVE-2021-38681 | A reflected cross-site scripting (XSS) vulnerability has been reported to affect QNAP NAS running Ragic Cloud DB. If exploite... | 5.4 - MEDIUM | 2021-11-20 | 2021-11-23 |
| CVE-2021-38680 | A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running Kazoo Server. If exploited, this v... | 6.1 - MEDIUM | 2021-12-29 | 2022-01-07 |
| CVE-2021-38679 | An improper authentication vulnerability has been reported to affect QNAP NAS running Kazoo Server. If exploited, this vulner... | 9.8 - CRITICAL | 2022-02-11 | 2022-02-23 |
| CVE-2021-38678 | An open redirect vulnerability has been reported to affect QNAP device running QcalAgent. If exploited, this vulnerability al... | 6.1 - MEDIUM | 2022-01-14 | 2022-01-19 |
| CVE-2021-38677 | A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running QcalAgent. If exploited, this vuln... | 6.1 - MEDIUM | 2022-01-14 | 2022-01-19 |
| CVE-2021-38675 | A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running Image2PDF. If exploited, this vuln... | 5.4 - MEDIUM | 2021-10-01 | 2021-10-04 |
| CVE-2021-38674 | A cross-site scripting (XSS) vulnerability has been reported to affect QTS, QuTS hero and QuTScloud. If exploited, this vulne... | 6.1 - MEDIUM | 2022-01-07 | 2022-01-14 |
| CVE-2021-34362 | A command injection vulnerability has been reported to affect QNAP device running Media Streaming add-on. If exploited, this ... | 7.2 - HIGH | 2021-10-22 | 2022-04-25 |
| CVE-2021-34361 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.1 - MEDIUM | 2022-02-25 | 2022-03-08 |
Known software with vulnerabilities from Qnap
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Qnap | Helpdesk | 1.0.06 |
| Application | Qnap | Iartist Lite | 1.4.53.1 |
| Application | Qnap | Multimedia Console | 1.0.0 |
| Application | Qnap | Music Station | 4.8.0 |
| Application | Qnap | Myqnapcloud | 1.3.3.0925 |
| Application | Qnap | Nas Proxy Server | 1.3.0 |
| Application | Qnap | Netbak Replicator | 4.5.11.816 |
| Application | Qnap | Photo Station | 5.2.0 |
| Application | Qnap | Qcenter | 1.1.15 |
| Application | Qnap | Qes | 1.1.4 |
| Application | Qnap | Qfinder Pro | 6.1.0.0317 |
| Application | Qnap | Qsync | 4.2.2.0724 |
| Operating System | Qnap | Qts | - |
| Application | Qnap | Qts Helpdesk | 1.1.12 |
| Application | Qnap | Quts Hero | h4.5.0 |
| Application | Qnap | Signage Station | 2.0 |
| Hardware | Qnap | Ss-839 | - |
| Operating System | Qnap | Ss-839 Firmware | 4.0.7 |
| Application | Qnap | Surveillance Station | 5.0.3 |
| Hardware | Qnap | Ts-459u | - |